Researchers from Russian security company Doctor Web have recently unearthed a password-stealing backdoor Trojan that targets specifically Linux and Mac OS X users.
Dubbed Wirenet, the Trojan records passwords entered in Firefox, Chrome, Chromium and Opera (but seemingly not Safari) and passwords stored by open source, cross-platform applications such as email client Thunderbird, Internet suite SeaMonkey, and IM client Pidgin.
It communicates with its control server located at 220.127.116.11 by using the Advanced Encryption Standard, and delivers the goods to it.
The researchers are still in the dark as to the method used for spreading the malware, so they keep investigating. They consider Wirenet to be the first ever Trojan developed exclusively for targeting OS X and Linux users.